Apparently a few want to make ISPs responsible. But I am sorry I don't agree with this. Responsibility starts at home. Users are just given the computer, they are not given instructions as soon as they turn it on. So I recommend that the ones making the computers include a flash file explaining to the user they need to protect their box, and what safeguards they have in place how long till they expire, and where to go for more help. This flash file should auto come on as soon as they boot the computer for the first time.
I don't believe ISPs should be the ones to secure the boxes after all they didn't create this mess. However I do believe they could add just one safeguard like limiting the amount of emails that a regular user sends out per hour. That will keep a lot of these e-mails that get forwarded at bay. But a good majority of the blame lies with the computer owner. Safety is a responsibility that falls squarely on the individual.